My WordPress site is currently flagged by Google because of a malicious redirect hiding in the .htaccess file and a few “mystery” plugins I never installed. I can give you full access to the WordPress admin area so you can investigate; if you need anything beyond that, just tell me exactly what and I’ll arrange it with the host. Here is what I need done: • Track down and eliminate every trace of the redirect malware—core files, themes, plugins, database entries, and of course the .htaccess file. • Identify and remove any rogue or outdated plugins, then update the legitimate ones along with the WordPress core. • Lock the site down: tighten file permissions, install and configure a reputable security/firewall plugin, enable regular malware scans, and set up basic login protection. • Provide a short clean-up report that lists what was infected, what you removed or repaired, and the preventive steps you put in place. Acceptance will be straightforward: no more redirects, no warnings in Google Search Console, and a clean scan result from Wordfence (or a comparable tool). If this sounds like your specialty, let’s get the site healthy again.